#!/bin/sh

config="my.cnf.$$"
command="mysql.$$"

dbname='asud'

webuser='asud_web'
srvuser='asud_srv'

rootpass=`< /dev/urandom tr -dc A-Za-z0-9_ | head -c8`
webpass=`< /dev/urandom tr -dc A-Za-z0-9_ | head -c8`
srvpass=`< /dev/urandom tr -dc A-Za-z0-9_ | head -c8`

trap "interrupt" 2

echo "Root password: $rootpass" > /root/all_pass
echo "Web password: $webpass" >> /root/all_pass
echo "Server password: $srvpass" >> /root/all_pass

prepare() 
{
    touch $config $command
    chmod 600 $config $command
}

find_mysql_client()
{
  for n in ./bin/mysql mysql
  do  
    $n --no-defaults --help > /dev/null 2>&1
    status=$?
    if test $status -eq 0
    then
      mysql_client=$n
      return
    fi  
  done
  echo "Can't find a 'mysql' client in PATH or ./bin"
  exit 1
}

do_query() 
{
    echo "$1" >$command
    #sed 's,^,> ,' < $command  # Debugging
    $mysql_client --defaults-file=$config -B <$command
    return $?
}


basic_single_escape() 
{
    echo "$1" | sed 's/\(['"'"'\]\)/\\\1/g'
}

make_config() 
{
    echo "# mysql_secure_installation config file" >$config
    echo "[mysql]" >>$config
    echo "user=root" >>$config
    esc_pass=`basic_single_escape "$rootpass"`
    echo "password='$esc_pass'" >>$config
    echo "default-character-set=utf8" >>$config
    #sed 's,^,> ,' < $config  # Debugging
}

remove_anonymous_users() 
{
    do_query "DELETE FROM mysql.user WHERE User='';"
    if [ $? -eq 0 ]; then
	echo " ... Success!"
    else
	echo " ... Failed!"
	return 1
    fi

    return 0
}

remove_remote_root() 
{
    do_query "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');"
    if [ $? -eq 0 ]; then
	echo " ... Success!"
    else
	echo " ... Failed!"
    fi
}

remove_test_database() 
{
    echo " - Dropping test database..."
    do_query "DROP DATABASE test;"
    if [ $? -eq 0 ]; then
	echo " ... Success!"
    else
	echo " ... Failed!  Not critical, keep moving..."
    fi

    echo " - Removing privileges on test database..."
    do_query "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'"
    if [ $? -eq 0 ]; then
	echo " ... Success!"
    else
	echo " ... Failed!  Not critical, keep moving..."
    fi

    return 0
}


create_asud_database() 
{
    echo " - Create asud database..."
    do_query "CREATE DATABASE $dbname;"
    
    if [ $? -eq 0 ]; then
	  echo " ... Success!"
    else
	  echo " ... Failed!"
	  return 1
    fi
    
    echo " - Create user for web..."
    do_query "GRANT SELECT, UPDATE, INSERT, DELETE, LOCK TABLES ON asud.* TO '$webuser'@'localhost' IDENTIFIED BY '$webpass';"
    
    if [ $? -eq 0 ]; then
	  echo " ... Success!"
    else
	  echo " ... Failed!"
	  return 1
    fi

    echo " - Create user for server..."
    do_query "GRANT SELECT, UPDATE, INSERT, DELETE, LOCK TABLES ON asud.* TO '$srvuser'@'localhost' IDENTIFIED BY '$srvpass';"
    
    if [ $? -eq 0 ]; then
	  echo " ... Success!"
    else
	  echo " ... Failed!"
	  return 1
    fi
    
    echo " - Loading data into table..."
      $mysql_client --defaults-file=$config -B -D $dbname < 'sql.sql'
    if [ $? -eq 0 ]; then
	  echo " ... Success!"
    else
	  echo " ... Failed!"
	  return 1
    fi

    return 0
}

setup_conf_files()
{
 
   sed -e s/@USER@/$webuser/g -e s/@DATABASE@/$dbname/g -e s/@PASSWORD@/$webpass/ settings.inc.php.tmpl > /var/www/html/asud/settings.inc.php
   sed -e s/@USER@/$srvuser/g -e s/@DATABASE@/$dbname/g -e s/@PASSWORD@/$srvpass/ asudserver.conf.tmpl > /etc/asudserver/asudserver.conf
}


reload_privilege_tables() 
{
    do_query "FLUSH PRIVILEGES;"
    if [ $? -eq 0 ]; then
	echo " ... Success!"
	return 0
    else
	echo " ... Failed!"
	return 1
    fi
}

interrupt() 
{
    echo
    echo "Aborting!"
    echo
    cleanup
    exit 1
}

cleanup()
{
  rm -f $config $command
}

mysqladmin -u root password $rootpass

prepare && find_mysql_client && make_config && remove_test_database && create_asud_database && setup_conf_files && remove_anonymous_users && remove_remote_root && reload_privilege_tables 

cleanup
